RANSOMWARE ATTACKS IN PERSPECTIVE AND HOW TO DEFEND YOUR DATA AGAINST THEM

RANSOMWARE ATTACKS IN PERSPECTIVE AND HOW TO DEFEND YOUR DATA AGAINST THEM

As the impact from this weekend's WannaCry global ransomware attack continues to spread hour by hour, let’s take a moment to put the attack into context and discuss key methods to protecting your data against such attacks.

Ransomware has a significant impact on businesses and consumers alike − no one is spared, that is, unless precautions were in place. Ransomware prevention has stolen headlines in the past year. The FBI published a warningin early 2016 calling attention directly to prevention efforts for ransomware attacks. And as recently as a few weeks ago, former FBI Director James Comey highlighted the government’s cyber strategies for fighting ransomware threats in his remarks at the 2017 Intelligence and National Security Alliance (INSA) Leadership Dinner.

A PARTICULARLY GALLING FORM OF ATTACK

In general, the nature of a ransomware attack is particularly galling. Attackers do not have to copy or steal your data for the attack to succeed; they must simply compromise your system and encrypt your data. They can, in fact, leave your data sitting on your server, right where they found it, bundled up in unbreakable encryption.

This is because the primary goal of a ransomware attack is not necessarily to steal your data − it is to prevent you from accessing your data. By extension, the attack prevents you from conducting business as usual and puts you under intense pressure to give into the attacker’s demand for payment.

YOUR DATA CAN—AND SHOULD—BE IN TWO PLACES AT ONCE

In real-world kidnapping, the crime that inspired the term ransomware, the criminal's leverage is that they are holding hostage someone that you want to get back. That leverage can cause the victim to pay the ransom willingly, whatever the cost.

Where human kidnappings can’t be prevented, ransomware can. Simply creating backups of your data removes a huge chunk of a cybercriminal’s leverage. Backups are currently the single best defense against ransomware. If you make and store data backups according to best practices, the backup data will not be subject to the same encryption attack as your production data.

With the right backup solution in place, in other words, a ransomware attack simply cannot hold all of your business data hostage. They can only hold hostage the incremental data that has changed since your last backup. And that gives your business more options when responding to the attack.

A SPOTLIGHT ON BACKUP SOLUTIONS

For some businesses, of course, losing even incremental data could itself be catastrophic, depending on the increment in question. Businesses in regulated industries may have acceptable backup windows established by statute. Other businesses have to weigh the cost of more frequent backups against the potential impact of data loss of increasing magnitude.

Fortunately, the state of data backup options is quite robust. For any given set of Restore Time and Restore Point Objectives, there are solutions that fit. Cloud-based backup, tape backup, disk backup—you have a range of options. You can even get backup provided as a managed service.

A GOOD TIME TO REVIEW YOUR DATA BACKUP SOLUTION

The total sum of damages caused by the recent WannaCry ransomware attack won’t be clear for a few more weeks. Businesses are still determining how best to respond to attacks. What is clear now, though, is that this is the ideal time to revisit your data back-up solution and ensure that you are factoring in threats such as ransomware.